author | Eneas U de Queiroz <cotequeiroz@gmail.com> | 2022-07-08 11:08:21 -0300 |
---|---|---|
committer | Christian Marangi <ansuelsmth@gmail.com> | 2022-08-19 14:44:07 +0200 |
commit | d94a28f7d264ca8286b448a70e0311fa0051603a (patch) | |
tree | 6980429bc049bccc5b6243058fba3c9e8da9199a /package/utils/uencrypt/src | |
parent | bfb37d363c9c2a8ca7931937505e53f73fc1f8f5 (diff) | |
uencrypt: add package to decrypt WG4хх223 config
This adds a simple AES-128-CBC encryption/decryption program using
either wolfSSL or OpenSSL as backend to decrypt Arcadyan WG4xx223
configuration partitions. The ipk size is 3,355 bytes.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit bc43ad88ed18722c0621fd6dfef0ff68268f4e14)
Diffstat (limited to 'package/utils/uencrypt/src')
-rw-r--r-- | package/utils/uencrypt/src/CMakeLists.txt | 20 | ||||
-rw-r--r-- | package/utils/uencrypt/src/uencrypt.c | 117 |
2 files changed, 137 insertions, 0 deletions
diff --git a/package/utils/uencrypt/src/CMakeLists.txt b/package/utils/uencrypt/src/CMakeLists.txt
new file mode 100644
index 0000000000..cd25d2f12f
--- /dev/null
+++ b/package/utils/uencrypt/src/CMakeLists.txt
@@ -0,0 +1,20 @@
+# SPDX-License-Identifier: GPL-2.0-or-later
+# Copyright (C) 2022 Eneas Ulir de Queiroz
+
+cmake_minimum_required(VERSION 2.8.12 FATAL_ERROR)
+project(uencrypt LANGUAGES C)
+
+option(USE_WOLFSSL "Use WolfSSL as crypto provider" OFF)
+if (USE_WOLFSSL)
+ add_definitions(-DUSE_WOLFSSL)
+ find_library(WOLFSSL_LIBRARY wolfssl REQUIRED)
+ set(CRYPTO_LIBRARIES ${WOLFSSL_LIBRARY})
+else()
+ find_package(OpenSSL REQUIRED)
+ set(CRYPTO_LIBRARIES ${OPENSSL_CRYPTO_LIBRARY})
+endif()
+
+add_executable(${PROJECT_NAME} ${PROJECT_NAME}.c)
+target_link_libraries(${PROJECT_NAME} ${CRYPTO_LIBRARIES})
+
+install(TARGETS ${PROJECT_NAME} RUNTIME DESTINATION bin)
diff --git a/package/utils/uencrypt/src/uencrypt.c b/package/utils/uencrypt/src/uencrypt.c
new file mode 100644
index 0000000000..c4199b057a
--- /dev/null
+++ b/package/utils/uencrypt/src/uencrypt.c
@@ -0,0 +1,117 @@
+/* SPDX-License-Identifier: GPL-2.0-or-later
+ * Copyright (C) 2022 Eneas Ulir de Queiroz
+ */
+
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+#ifdef USE_WOLFSSL
+# include <wolfssl/options.h>
+# include <wolfssl/openssl/evp.h>
+#else
+# include <openssl/evp.h>
+#endif
+
+int do_crypt(FILE *infile, FILE *outfile, const char *key, const char *iv,
+ int enc, int padding)
+{
+ EVP_CIPHER_CTX *ctx;
+ unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+ int inlen, outlen;
+
+ ctx = EVP_CIPHER_CTX_new();
+ EVP_CipherInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv, enc);
+ EVP_CIPHER_CTX_set_padding(ctx, padding);
+
+ for (;;) {
+ inlen = fread(inbuf, 1, 1024, infile);
+ if (inlen <= 0)
+ break;
+ if (!EVP_CipherUpdate(ctx, outbuf, &outlen, inbuf, inlen)) {
+ EVP_CIPHER_CTX_free(ctx);
+ return -1;
+ }
+ fwrite(outbuf, 1, outlen, outfile);
+ }
+ if (!EVP_CipherFinal_ex(ctx, outbuf, &outlen)) {
+ EVP_CIPHER_CTX_free(ctx);
+ return -1;
+ }
+ fwrite(outbuf, 1, outlen, outfile);
+
+ EVP_CIPHER_CTX_free(ctx);
+ return 0;
+}
+
+static void check_enc_dec(const int enc)
+{
+ if (enc == -1)
+ return;
+ fprintf(stderr, "Error: both -d and -e were specified.\n");
+ exit(EXIT_FAILURE);
+}
+
+static void show_usage(const char* name)
+{
+ fprintf(stderr, "Usage: %s: [-d | -e] [-n] -k key -i iv\n"
+ "-d = decrypt; -e = encrypt; -n = no padding\n", name);
+}
+
+int main(int argc, char *argv[])
+{
+ int enc = -1;
+ unsigned char *iv = NULL;
+ unsigned char *key = NULL;
+ long len;
+ int opt;
+ int padding = 1;
+ int ret;
+
+ while ((opt = getopt(argc, argv, "dei:k:n")) != -1) {
+ switch (opt) {
+ case 'd':
+ check_enc_dec(enc);
+ enc = 0;
+ break;
+ case 'e':
+ check_enc_dec(enc);
+ enc = 1;
+ break;
+ case 'i':
+ iv = OPENSSL_hexstr2buf((const char *)optarg, &len);
+ if (iv == NULL || len != 16) {
+ fprintf(stderr, "Error setting IV to %s. The IV should be 16 bytes, encoded in hex.\n",
+ optarg);
+ exit(EINVAL);
+ }
+ break;
+ case 'k':
+ key = OPENSSL_hexstr2buf((const char *)optarg, &len);
+ if (key == NULL || len != 16) {
+ fprintf(stderr, "Error setting key to %s. The key should be 16 bytes, encoded in hex.\n",
+ optarg);
+ exit(EINVAL);
+ }
+ break;
+ case 'n':
+ padding = 0;
+ break;
+ default:
+ show_usage(argv[0]);
+ exit(EINVAL);
+ }
+ }
+ if (iv == NULL || key == NULL) {
+ fprintf(stderr, "Error: %s not set.\n", key ? "iv" : (iv ? "key" : "key and iv"));
+ show_usage(argv[0]);
+ exit(EXIT_FAILURE);
+ }
+ ret = do_crypt(stdin, stdout, key, iv, !!enc, padding);
+ if (ret)
+ fprintf(stderr, "Error during crypt operation.\n");
+ OPENSSL_free(iv);
+ OPENSSL_free(key);
+ return ret;
+} |